DataBreaches should no longer be surprised to see threat actors claim to have hundreds of GB of files from medical entities, but it’s still concerning that entities can have so much data accessed and exfiltrated and yet not detect the attack. For today’s example, we point to Physicians Medical Billing, which was added to LockBit3.0’s…
HHS Office for Civil Rights Settles HIPAA Security Rule Investigation; Northeast Radiology agrees to corrective action plan and $350,000 monetary penalty
Over the past few years, DataBreaches has reported on a breach involving Northeast Radiology and its business associate, Alliance Healthcare Services. In March 2020, Northeast Radiology revealed its patient data was involved in a breach Alliance notified them about in January, 2020. TechCrunch had contacted Northeast Radiology about its unpatched PACS servers in 2019, but…
Major data breach affects multiple Dutch ministries, impact still unclear
Barry Zwets reports: Several ministries have been affected by a major data breach. The Ministry of the Interior and Kingdom Relations refers to a ‘privacy problem’ that has their ‘full attention’. This was reported by BNR sources, after which confirmation from the government followed. In addition to the Ministry of the Interior and Kingdom Relations, the Ministry…
Germany suspects Russian cyber attack on research group
Richard Connor with dpa reports: Intelligence officials in Germany on Tuesday said they were probing a suspected Russian online attack on the German Association for East European Studies (DGO). The research group, specializing in foreign policy and international relations, is among several operating in Germany that Moscow has deemed “undesirable.” What the intelligence agencies said Both Germany’s…
Operation Endgame follow-up leads to five detentions and interrogations as well as server takedowns
From Europol: Following the massive botnet takedown codenamed Operation Endgame in May 2024, which shut down the biggest malware droppers, including IcedID, SystemBC, Pikabot, Smokeloader and Bumblebee, law enforcement agencies across North America and Europe dealt another blow to the malware ecosystem in early 2025. In a coordinated series of actions, customers of the Smokeloader pay-per-install botnet,…
Pulse Urgent Care Center appears to be the victim of a ransomware attack
Medusa has struck another medical entity. This time, it is Pulse Urgent Care Center. According to its website, Pulse Urgent Care Center offers a range of services that includes urgent care, clinical medicine, women’s health, workers’ compensation, and employer services. Its headquarters is in Redding, California. It also has a location in Red Buff, California….